In recent years, a DaaS (Database as a Service) that provides a usage environment of a database via the Internet has been getting attention as a form of cloud computing service. Users of the DaaS can reduce cost and unify management by devolving a permanent management job of data owned by themselves and a general database management job to a service provider. However, an administrator of a database server provided by the service provider (hereinafter, simply referred to as a server) is often a third party different from a user enjoying the service (hereinafter, referred to as a client), so that it is not ensured to completely prevent information leakage even if the third party provides a database encryption service. Because of a risk of security attack by the third party, there is an increasing need to prevent raw data itself before encryption from being viewed by a database administrator.
Thus, a method for enhancing security by transferring data to be managed to a server after encrypted on a client side and causing the server to manage the encrypted data has been proposed. However, it is difficult to directly search on the encrypted data, so that it is necessary to perform procedures as follows: once sending data on the server side to the client, decoding the data on the client side, and perform result collation as to whether an original query condition is satisfied. Under such circumstances, there is a problem that the client can hardly enjoy search service of a database, a burden on the client is large, and a processing time becomes very long. To solve the problems as described above, some methods for managing the encrypted data so as to be searchable in the server has been proposed. However, it is particularly difficult for these conventional methods to perform search such as range search of numerical data with high efficiency while high security is maintained, so that improvement has been demanded.